package com.kk.xhr.web.security;

import com.kk.xhr.common.pojo.AuthUser;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * JWT Shrio密码校验
 *
 * @author liujingcheng
 * @version 1.0, 2020/4/7 11:30
 * @since 1.0.0
 */
public class JwtCredentialsMatcher implements CredentialsMatcher {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtCredentialsMatcher.class);

    /**
     * 验证token是否和系统中存储的相同
     *
     * @param authenticationToken 系统中存储的token
     * @param info                用户登录凭证中的token
     * @return 是否相同
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo info) {
        // 系统存储的JwtToken
        final JwtToken jwtToken = (JwtToken) authenticationToken;
        if (null == jwtToken.getPrincipal()) {
            return false;
        }
        String token = (String) authenticationToken.getPrincipal();
        AuthUser authUser = (AuthUser) info.getPrincipals().getPrimaryPrincipal();
        LOGGER.info("JwtCredentialsMatcher#doCredentialsMatch user: {} token: {}", authUser.getUsername(), token);
        return true;
    }
}
